Summary of Changes

1. ... and again improved Radars

Responder Radars now feature the standards radar. All Radars are sorted alphabetically now.

2. Realtime Access Control

Removing a user or changing the user type is enforced in realtime.

3. Configurable Session Timeout

Admins of an Alyne org can configure the inactivity timeout individually.

Changes in detail

New features

... and again improved Radars

Standards Radar for Responders

A short while ago we enabled Responder reports on Assessments. These show each Assessment Responder individually the expected and their actual maturity given their Assessment answers via our eye-pleasing Radar Diagrams. So far we only offered the Topic Radars for this. Now we added the Standards Radars as well. This is a big deal as Responders now can easily find out how compliant their answers are with international standards and regulations, such as GDPR, ISO 27001 and around 30 others supported by the Alyne Library.

Our Radars bend time: You can see the compliance status in the Radars always given the newest Standards and Regulations in the Alyne Library - no matter when the Assessment was completed.

Alphabetically Sorted Radars

As a goodie, we also managed to sort the Radar axes alphabetically clockwise. Even if you choose exotic custom Standards or Topics/Subtopics it should work fine.

Realtime Access Control

Leveraging the Alyne realtime technology, access can be revoked from a currently logged in user in realtime, i.e. under a second. This is active for when you promote or demote a user or of course when you remove/lock a user in your Alyne organisation.

Typical access control regulations requires access revocation within 24 hours. Our solution is the theoretically and practically fastest way of revoking access.

Configurable Session Timeout

In addition to our exisiting access controls on the Alyne platform such as

enforced password policy

access federation with ADFS, SAML, IdP-initiated SSO

multi-factor authentication

short-lived tokens - the higher the sensitivity of the data, the shorter the token life span

realtime access control

we now enable our customers to configure an inactivity timeout individually for their organisation.

Silently session inactivity timeouts have been implemented for a long time in our platform, but now every customer can set it on their own while the minimum is 30 minutes. So if you are logged in to Alyne and you don't touch anything for let's say 30 minutes, you are logged out automatically. Normally your computer should be anyway configured like this, but you never know ...

Bug fixes

We were to greedy while parsing email addresses for user invitations and Assessment recipients that led to hickups in starting an Assessment in rare cases. #regexftw

Tasks could be theoretically be delegated to locked users. That made no sense.

We improved the mobile version of the Risk Management

Photocredit: markusspiske / photocase.de

Author: Manuel Reil

Co-Founder, Chief Technology Officer

About the author

Co-founder and CTO of Alyne, IT security and architecture expert, 20 years web technologist, traveller